The food and agriculture sector is one of 16 that the Cybersecurity and Infrastructure Security Agency (CISA) identifies as critical infrastructure in the United States. Not only does it consist of 2.1 million farms, 935,000 restaurants and at least 200,000 production and processing facilities, as reported by Cybersecurity Dive, but quite simply – we’d have a very difficult time living without it. Needless to say, protecting it is important. And as we’ve explored before, that increasingly means implementing strong cybersecurity measures.
The Pressure and Complexity Building Around Food Manufacturing
Let’s start by rewinding a bit. It was over a year ago that we received one of the biggest wake-up calls regarding food manufacturing cybersecurity. In May 2021, JBS USA was hit by ransomware attack causing it to temporarily suspend meat processing operations. On top of that, $11 million in ransom was paid to cybercriminals. So, it was costly in more than one way. But even with the amount of time that has gone by, Katell Thielemann, research VP at Gartner, has explained that security teams are still scrambling to catch up. Because vulnerabilities that lead to events like the case of JBS can exist within a number of places, including the vast supply chain, outdated equipment or exposed systems, Thielemann said that many continue to catalog assets and identify potential weaknesses.
One of the most complex parts of that process is sifting through the mentioned supply chain. The food manufacturing industry in today’s environment relies on an extensive network from farmers to transportation. Therefore, there are often countless third parties involved. That means that there is a lot of information being exchanged, which only grows with the added technological advances of Industry 4.0. While there are upsides to this such as increasing the transparency that helps consumers make more sustainable choices, it also makes it much more difficult to find areas of risk.
A study released by IBM just in time for Cybersecurity Awareness Month revealed that the stress stemming from challenges like this are really starting to take a toll on frontline cybersecurity responders. In a survey of 1,100 professionals around the globe, 68% stated that, “it’s common to be assigned to respond to two or more overlapping incidents simultaneously,” according to an IBM press release. And considering that manufacturers, including those in food operations, have experienced the greatest number of ransomware attacks, it is time to provide solutions that will help to address and eliminate some of this pressure.
Reducing Cybersecurity Risk in Food Manufacturing
As David Lake emphasizes in a piece for Food Processing, “Food processors must focus on increasing their cybersecurity to reduce risk to its business and to the wider industry.” There are several ways to begin doing this. It starts with conducting a deep dive into the production system, which also involves the devices that make up the system. Having a thorough understanding will help to outline and track vulnerabilities in the complicated network discussed above. There are then tools that can be applied to ensure a level of security across all of those working within that network such as multifactor authentication.
Other important steps consist of backing up data and properly training staff. This prevents complete loss in the case of an attack and builds a team that is prepared to prevent and defend against such incidents. Also make sure to have response plans made up. This provides trained teams to execute the best and most relevant response to any kind of breach that occurs. As Lake highlights, such plans should incorporate strategies for outreach to stakeholders and other parties that would be impacted.
At Veracity, we understand that this can be overwhelming and easier said than done. We’re here as partner in this. We specialize in manufacturing cybersecurity and offer resources that can streamline this process. Make sure to explore our website and reach out to learn more about our services.
Sources:
- “Food supplier cyber risk spreads 1 year after JBS attack” – Matt Kapko, Cybersecurity Dive
https://www.cybersecuritydive.com/news/food-supplier-cyber-risk-spreads-jbs/624800/ - “Industry 4.0: Securing the future of the food & beverage industry” – Fortude (Press Release), Yahoo Finance
https://finance.yahoo.com/news/industry-4-0-securing-future-220000606.html - “New IBM Study Finds Cybersecurity Incident Responders Have Strong Sense of Service as Threats Cross Over to Physical World” – IBM (Press Release), PR Newswire
https://www.prnewswire.com/news-releases/new-ibm-study-finds-cybersecurity-incident-responders-have-strong-sense-of-service-as-threats-cross-over-to-physical-world-301638452.html - “Seven Steps to Reduce Cybercrime at Food Processing Plants” – David Lake, Food Processing
https://www.foodprocessing.com/supply-chain/cybersecurity/article/11415195/seven-steps-to-reduce-cybercrime-at-food-processing-plants
Learn about the ultimate solution to protect infrastructure networks, Net-Optix.
